When’s the last time you actually mailed a letter? Seriously
think about it. If you’re anything like us, you’re probably not too sure. And like us, I bet you send a ton of emails.
But the old envelope and stamp is a bit underrated when it comes to security.
Unlike email, real letters can’t be hacked, they can’t be copied en route, and
if anyone reads them, they need to be ripped open, so you’ll know.
But there’s no reason your emails shouldn’t be just as safe.
So, check out our top 5 safe email tips and correspond with confidence!
1.
Know
your enemy
This is big. A lot of people worry about their spouse,
boyfriend or coworkers going through their email and take security precautions
accordingly. But the enemy you least expect is the one that’s going to get you.
The girl looking over your shoulder at the coffee shop may be suspicious, but
the guy in the corner sniffing packets is the one you should be watching.
The best solution is to be ready for anything. Emails contain
a lot of sensitive and valuable information, so be ready for anyone who might
want unauthorized access.
2.
Don’t
put all your eggs in one basket
Split up your emails! You probably already have at least two
accounts — one for work and one for personal stuff — but you should really
break it down even further. Create another account for things like internet
banking and bills. If your primary email account is compromised, you really
don’t want the wrong people getting their hands on your account numbers and
passwords.
We also recommend a separate account for newsletters. You know
all those sites that require an email address to access their content? Most of
them are selling that address to third parties that want to spam you with all
kinds of things you’re probably not interested in. Relegate unsolicited ads to
a newsletter/advertiser account and keep your inbox a little safer.
3.
Close
your email account on shared computers
This one’s pretty obvious. If you access webmail from a
public computer at a library or internet café, make sure you log off when
you’re done! But even beyond that, empty the browser’s cache before you leave.
All browsers keep a history and a cache that lists sites you’ve visited and
content you’ve accessed. Some caches might even display some of the content
you’ve looked at in your emails. So before you log off, just click over to
settings and empty that cache.
4.
Encrypt!
This is where things get real. Keeping email safe on your
computer is one thing, but, by its design, email must travel between servers
and computers. And this is where your information is most vulnerable.
Hackers often employ a tactic called packet sniffing to
steal your data. Normally, when a computer is connected to a network, it
automatically collects only the packets with its own address on them. A packet
sniffer, however, can collect all data packets moving on a network and it takes
only a novice to reassemble that information on their own computer. In many
cases, that data is your private email!
Encryption stops packet sniffers in their tracks. When you
encrypt your data, the only thing cybercriminals see when they grab your
packets is garbled gibberish.
Most webmail clients automatically offer some level of
encryption. When you see the “s” at the end of “https://” in your webmail’s
URL, that means they are using a form of encryption called Secure Sockets Layer
(SSL). Unfortunately, many criminals can now crack some forms of SSL
encryption, leaving your data exposed.
Desktop mail clients like Microsoft Outlook can also encrypt
messages but require the sender and the recipient to first share private keys
that are used to encrypt and decrypt the messages. While this is certainly
useful for regular correspondents, it’s not particularly practical all the
time.
So while SSL and private keys are both handy, if you want
serious security, you’ll need to take matters into your own hands. And a
virtual private network (VPN) is without a doubt the best way to keep your
email safe after it leaves your computer. When you use a VPN, not only is your
data thoroughly encrypted, but it also travels through a VPN tunnel that
actually hides your packets. Unless your adversary has a supercomputer and a
lot of time on his hands (it would take a supercomputer longer than the age of
the known universe to crack a VPN’s 512-bit encryption), you’re safe.
5.
Inbox
Canary
This is probably one of the coolest and most clever ideas I’ve
ever heard, but it does require some substantial infrastructure.
Coder and blogger John Graham-Cumming developed what he
calls the canary as a way to see if any nefarious individuals are accessing his
Gmail account. Here’s how it works:
John created a bait email sent from a fake account with the
subject line, “Barclays Private Banking: Confidential Account Details and Login
Credentials.” He then starred the email, which keeps it at the top of his
inbox. Surely, anyone looking for valuable information would click on it
immediately.
Once opened, the email looks like a typical letter from a
bank with a Barclays logo right in the message. This is the canary. The
Barclays image is hosted on John’s personal server where he runs a bit of code
that lets him know whenever the image is loaded. Since the image is loaded from
the server any time anyone opens the email, the code on the server knows, the
canary sings, and John knows somebody is in his email.
So there you have it! Follow our guidelines along with basic
safe browsing techniques and your email will be safer than even old fashioned
letters!
No comments:
Post a Comment